Reflection

Course Name: Access Control

Course Description:
The course provides an in-depth study of the three main security principles: availability, integrity and confidentiality. The course will examine the mechanisms used in access control, what resources an entity can access, and the extent of the entity’s capabilities to interact with the resource. The course will also examine approaches to auditing how an entity interacts with the resource.

Course Objectives/Learner Outcomes:
Upon completion of this course, the student will:
· Identify the types of access control technologies used in a networking environment.
· Implement knowledge-based and biometric authentication.
· Identify knowledge-based and characteristics-based authentication technologies.
· Recognize how single sign-on systems (SSOs), one-time passwords (OTPs), and smart cards are used for authentication.
· Determine the appropriate type of authentication to implement in a given enterprise scenario.
· Recognize ways of securing passwords and identify different types of attacks against passwords and password files.
· Select the appropriate access control model for a scenario.
· Determine the most appropriate access control model to implement in a given situation.
· Recognize how different types of access control techniques operate.
· Distinguish between centralized and decentralized access control administration mechanisms.
· Identify intrusion detection system (IDS) mechanisms and implementation methods, and recognize various intrusion detection and prevention techniques.

Prerequisites:
There are no prerequisites for this course.

Books and Resources:
Required Text: Chapple, Mike, Ballad, Bill, Ballad, Tricia, and Banks, Erin K. Access Control, Authentication, and Public Key Infrastructure, Second Edition. Jones & Bartlett Learning, 2016, ISBN: 978-1-284-03159-1
Other articles and readings may be assigned by the course professor.

Recommended Materials/Resources
Please use the following authors’ names, book/article titles, Web sites, and/or keywords to search for supplementary information to augment your learning in this subject.
· Official (ISC)2 CISSP Training Seminar Handbook. International Information Systems Security Consortium, 2014.
· Harris, Shon. All in One CISSP Exam Guide, Sixth Edition. McGraw-Hill, 2013.
· Rhodes-Ousley, Mark. The Complete Reference to Information Security, Second Edition. McGraw-Hill, 2013.

Professional Associations
· International Information Systems Security Certification Consortium, Inc., (ISC)²®: This Web site provides access to current industry information. It also provides opportunities in networking and contains valuable career tools. http://www.isc2.org/
· International Association of Privacy Professionals (IAPP): This Web site provides an opportunity to interact with a community of privacy professionals and to learn from their experiences. This Web site also provides valuable career advice. https://www.privacyassociation.org/
· ISACA: This Web site provides access to original research, practical education, career-enhancing certification, industry-leading standards, and best practices. It also provides a network of like-minded colleagues and contains professional resources and technical/managerial publications. https://www.isaca.org/Pages/default.aspx

Tentative Course Expectations (specific due dates are listed in the course module)
Note: Assignments in the following table are listed when they are due.

Unit | Unit Topic | Reading | Assignment Due**
1 | Lessons 1 & 2: Access Control Framework, Assessing Risk, and Impact on Access Control | Ch. #1 - 2 | Lab 1: Configuring an Active Directory Domain Controller; Lab 2: Managing Windows Accounts and Organizational Units; Lab 1 Quiz; Lab 2 Quiz; Discussion Forum: Introduce Yourself to your classmates; Jan 12
2 | Lessons 3 & 4: Business Drivers for Access Controls; Access Control Policies, Standards, Procedures, and Guidelines | Ch. #3 - 4 | Lab 3: Configuring Windows File System Permissions; Lab 3 Quiz; Lab 4: Managing Group Policy Objects in Active Directory; Lab 3 Quiz; Lab 4 Quiz; Jan 19
3 | Lessons 5 & 6: Security Breaches and the Law; Mapping Business Challenges to Access Control Types | Ch. #5 - 6 | Lab 5: Managing Group Policy Objects in Active Directory; Lab 6: Configuring Windows Firewall; Lab 5 Quiz; Lab 6 Quiz; Jan 26
4 | Lessons 7 & 8: Human Nature and Organizational Behavior; Access Control for Information Systems | Ch. #7 - 8 | Midterm Exam. No Lab is due. Feb 2
5 | Lessons 9 & 10: Physical Security and Access Control; Access Control in the Enterprise | Ch. #9 - 10 | Lab 9: Configuring Linux File System Permissions; Lab 10: Configuring Linux File System Permissions; Lab 10 Quiz; Feb 9
6 | Lessons 11 & 12: Access Control System Implementations; Access Control Solutions for Remote Workers | Ch. #11 - 12 | Lecture Quizzes 11 & 12; Feb 16
7 | Lessons 13, 14 & 15: Public Key Infrastructure and Encryption; Testing Access Control Systems Access Control Security Models; Access Control Assurance | Ch. #13, 14, 15 | Lab 13: Encrypting and Decrypting Files with PKI; Lab 14: Lab 9: Authenticating Security Communications with Digital Signatures; Lab 15: Encrypting and Decrypting Web Traffic with HTTPS
-- | Review Course; No Lecture | Review Chapters 1 - 15 | Final Exam; Feb 26